Suspicious
Suspect

341a1c5b037616c3a1898468f9cb2961

PE Executable
|
MD5: 341a1c5b037616c3a1898468f9cb2961
|
Size: 7.7 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
341a1c5b037616c3a1898468f9cb2961
Sha1
a2eed13b28772a5e51e799bd74834cec1f824736
Sha256
e5f3bf349b598c769851fbede19d4ad8e49b286fdba30cb08c767a50d183eefc
Sha384
dab29017fc1f487cbe94861763359258b54265d7429c02f19e2f2c15270667350d5902e982159a543ca92acdafed92d4
Sha512
2f18436827ef9949e657ea840d502b80943fd885f47b33c569c58743c46c827f198a49b1c55bc6b5e3fac5d6408af7a65f427f93fca90d1e04c2f4976c167ac1
SSDeep
98304:uQHbG3aWzIus6efPUIdoaxcp8wy5c3trGOlkQ5DUOgJ9zlG:uubqhfefPtHxcp9ym3nltDUJVE
TLSH
6B76CF06F9E259F6C0BF5635887652917B70BC051B2297EB2B90BA382F33BD05E31365

PeID

HQR data file
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ v6.0 DLL
Pe123 v2006.4.4-4.12
Private EXE Protector V2.30-V2.3X -> SetiSoft Team
tElock 1.0 (private) -> tE!
tElock 1.0 (private) -> tE!
File Structure
341a1c5b037616c3a1898468f9cb2961
Overlay_238c3c50.bin
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.xdata
.idata
.reloc
.symtab
ScreenConnect.Client.dll
ScreenConnect.ClientService.dll
ScreenConnect.Core.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
ScreenConnect.Windows.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ScreenConnect.Properties.libwebp.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
_RDATA
.gxfg
.gehcont
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
ScreenConnect.Properties.libwebp.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
_RDATA
.rsrc
.reloc
ScreenConnect.Properties.libz.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1036
ScreenConnect.Properties.libz.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
ScreenConnect.Properties.libzstd.x64.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.reloc
ScreenConnect.Properties.libzstd.x86.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
ScreenConnect.WindowsAuthenticationPackage.dll
ScreenConnect.WindowsBackstageShell.exe
ScreenConnect.WindowsBackstageShell.exe.config
ScreenConnect.WindowsClient.exe
ScreenConnect.WindowsCredentialProvider.dll
ScreenConnect.WindowsFileManager.exe
ServiceExeWithoutService
ScreenConnect.InstallerActions.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.WindowsInstaller.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.WindowsInstaller.Errors.resources
Microsoft.Deployment.WindowsInstaller.Package.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Microsoft.Deployment.Compression.Cab.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Microsoft.Deployment.Compression.Cab.Errors.resources
CustomAction.config
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Overlay extracted: Overlay_238c3c50.bin (12112 bytes)
341a1c5b037616c3a1898468f9cb2961 (7.7 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙